REST APIs with Flask and Python
4.6 (949 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
6,148 students enrolled
Wishlisted Wishlist

Please confirm that you want to add REST APIs with Flask and Python to your Wishlist.

Add to Wishlist

REST APIs with Flask and Python

Build professional REST APIs with Python, Flask, Flask-RESTful, and Flask-SQLAlchemy
4.6 (949 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
6,148 students enrolled
Created by Jose Salvatierra
Last updated 7/2017
Current price: $10 Original price: $110 Discount: 91% off
5 hours left at this price!
30-Day Money-Back Guarantee
  • 13.5 hours on-demand video
  • 14 Articles
  • 2 Supplemental Resources
  • 7 Coding exercises
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What Will I Learn?
  • Connect web or mobile applications to databases and servers via REST APIs
  • Create secure and reliable REST APIs which include authentication, logging, caching, and more
  • Understand the different layers of a web server and how web applications interact with each
View Curriculum
  • Some prior programming experience in any programming language will help. The course includes a full Python refresher course.
  • All software used in the course is provided, and completely free
  • Complete beginners may wish to take a beginner Python course first, and then transition to this course afterwards

Updated 28/07 2017: adding professional closed-captions (subtitles) to all videos. None of that auto-generated stuff!

Updated 9/07 2017: added explanation videos for all coding exercises.

Updated 24/03 2017: added a section on security in your deployments with HTTPS.

Updated 26/11 2016: added section on getting an Ubuntu server and deploying to it.

Are you tired of boring, outdated, incomplete, or incorrect tutorials? I say no more to copy-pasting code that you don’t understand.

Welcome to one of the best resources online on creating REST APIs. I'm Jose, and I'm a software engineer; here to help you truly understand and develop your skills in web and REST API development with Python.

Production-ready REST APIs

This course will guide you in creating simple, intermediate, and advanced REST APIs including authentication, deployments, caching, and much more.

We'll start with a Python refresher that will take you from the very basics to some of the most advanced features of Python—for you to never be lost or confused.

Using Flask and popular extensions Flask-RESTful, Flask-JWT, and Flask-SQLAlchemy we will dive right into developing complete, solid, production-ready REST APIs.

We will also look into essential technologies Git, Heroku, nginx, and Varnish.

You'll be able to...

  • Create resource-based, production-ready REST APIs using Flask and popular extensions;
  • Using SQLAlchemy to easily and efficiently store resources to a database; and
  • Understand the complex intricacies of deployments and performance of REST APIs.

I pride myself in providing excellent support and feedback to every single student. I am always available to guide you personally, and answer questions for your benefit.

Don't wait, and sign up today to take another step toward web services mastery!

I'll see you on the inside.

Who is the target audience?
  • Students wanting to extend the capabilities of mobile and web applications by using server-side technologies
  • Software developers looking to expand their skill-set by learning to develop professional grade REST APIs
  • Those looking to learn Python while specifically catering to web services
Students Who Viewed This Course Also Viewed
Curriculum For This Course
130 Lectures
5 Lectures 02:55

The very first lecture of the course! A quick introduction to the course, what we'll learn, and how we'll get there.

Preview 01:25

This course is structured in a specific way to make it as easy as possible for you to get exactly what you want out of it.

This lecture looks at maximising your time's value by making the course as efficient as possible for you.

How to take this course

A short set of questions for you to evaluate your Python knowledge, and determine where to start the course.

Before we get started: a self-assessment

Installing Python is very simple! Follow these steps and you'll be up and running in no time.

Python on Windows

Installing Python is very simple! Follow these steps and you'll be up and running in no time.

Python on Mac
A Full Python Refresher
29 Lectures 03:26:58

This is a short introductory video to this section. I'm really excited to guide you through this Python refresher course!

Introduction to this section

This lecture has a link to all the Python code we'll write in this section. Use it to check your code as you write it, or to refresh your memory!

Access the code for this section here

Let's look at variables in Python. Variables are just names for values, which we can reuse and reset.

Python is a dynamic typed language, which means variables don't need be constrained to a specific type.

Preview 06:23

1 question

The solution to the "Variables" Python coding exercise.

Solution to coding exercise: Variables

In this video, let's look at methods in Python by creating some examples. Creating methods is simple, you just need the one keyword: def.

Methods in Python

1 question

The solution to the "Method" Python coding exercise.

Solution to coding exercise: Methods

In this lecture we look at three essential data structures in Python: lists, tuples, and sets.

A list is an ordered collection of items.

A tuple is an immutable ordered collection of items.

A set is an unordered collection of unique items.

Lists, tuples, and sets

In this video we look at ways we can interact with lists, tuples and sets. We look at adding more items to a list and a set, and also at why we cannot add items to a tuple.

List, tuple, and set operations

In this fascinating video, we look at advanced set operations: calculating items which are in two sets, or items which are in one set but not another.

Advanced set operations

Lists, tuples, and sets
1 question

The solution to the "Lists, tuples, and sets" Python coding exercise.

Solution to coding exercise: Lists, tuples, sets

Loops allow us to repeat things over and over. This video explores two different types of loop in Python: for loop and while loop.

Loops in Python

This video explores how to create programs which can change depending on some input. For example, we might ask the user if they want to continue or not.

This makes use of boolean comparisons, such as:

  • 1 == 1 (which is True)
  • 5 > 5 (which is False)

The boolean comparisons we have available in Python are many:

  • ==
  • !=
  • >, <, <=, >=
  • is
  • is not
  • in
  • not in
If statements

Flow control—loops and ifs
1 question

The solution to the "Flow control" Python coding exercise.

Solution to coding exercise: Flow control

A short programming exercise for you! I always recommend coding along the videos, and now you have a chance to prove it.

Program away!

A programming exercise for you

List comprehension is a relatively unique thing to Python.

It allows us to succinctly use a for loop inside a list to generate values. These values then end up in the list.

For example, [x for x in range(10)] generates a list [0, 1, 2, 3, 4, 5, 6, 7, 8, 9].

List comprehension

Dictionaries are an extremely useful thing in Python.

They are akin to sets, but instead of being a set of unique values, they are a set of unique keys, and each has a value associated with it.


A rather philosophical question! An introduction to how we might shift our way of thinking, from data only, to things and objects.

Are dictionaries "things"?

Dictionaries and students
1 question

The solution to the "Dictionaries and students" Python coding exercise.

Solution to coding exercise: Dictionaries

Objects are the natural progression from dictionaries. Instead of just holding data, objects hold another special type of data: methods.

A method is a function which operates on the object calling it. Thus, an object can use its own values to calculate outputs of methods. Very cool.

Objects in Python

This video looks at an example of Object-Oriented Programming by creating a Student class.

A Student example

Classes and objects
1 question

The solution to the "Classes and objects" Python coding exercise.

Solution to coding exercise: Classes and objects

In many instances, we don't want our methods to be solely referencing the object which calls them. Sometimes, we want to reference the class of the object. Other times, we don't need either the object or the class.

@classmethod and @staticmethod are two decorators (looking at that shortly!) which extend the capabilities of methods.

@classmethod and @staticmethod

@classmethod and @staticmethod
1 question

The solution to the "@classmethod and @staticmethod" Python coding exercise.

Solution to coding exercise: @classmethod and @staticmethod

Classes in Python can also inherit from one another. This essentially means that a class contains all of the properties and methods of the class it inherits from—but with the added bonus that it can have more.

Inheritance in Object-Oriented Programming

*args and **kwargs are truly fascinatingly confusing. For eons, they have annoyed Python learners.

To this I say no more!

They're just a way of passing arguments.

*args and **kwargs

Not only we can pass values from one method to another, but we can also pass functions.

This is not used very often, but it can sometimes yield very powerful methods in very few lines of code.

Passing functions as arguments

One of the most confusing aspects of Python for learners is the concept of decorators.

These are things we can place on top of function definitions which allow us to extend the function by executing code before and after the function.

They are extremely powerful when used well!

Decorators in Python

In this video we look at advanced decorators in Python, which is decorators that take arguments.

This amplifies the decorator's usefulness, although also makes them slightly more contrived.

Advanced decorators

This Python refresher course was great fun! In this conclusive lecture, we get ready to move onto bigger and better things.

Conclusion of this section
Your first REST API
12 Lectures 01:14:41

In this introductory video, we look at what we'll learn: all about the web. Using Flask, we can create our first web server application.

Introduction to this section

Installing Flask is a necessary first step. Fortunately, installing things in Python is really simple.

All we have to do is execute pip3.5 install Flask, and that will use the Python Package Index to download the package and install it for us.

Installing Flask

This lecture has a link to all the Python code we'll write in this section. Use it to check your code as you write it, or to refresh your memory!

Access the code for this section here

Already we can create our first web server application! This is an application that returns some data when called using a GET request (such as through a web browser).

Preview 09:54

In this lecture we look at how HTTP works and what the verbs mean. They're going to be extremely important when we come to think of REST APIs.

HTTP Verbs

In this lecture we look at the principles behind REST.

REST APIs are only APIs that follow and comply with the REST principles.

Two of the main REST principles are:

  • That it is resource-based
  • That it is stateless
REST Principles

Now that we know about HTTP and REST, we can create our application endpoints (the routes), so we can return different data depending on which endpoint is called.

Creating our application endpoints

In this video we extend the application by returning a list of stores.

Returning a list of stores

In this video we implement the other missing endpoints in the application. We now have a complete web server application!

Implementing other endpoints

Although the focus of the course is not on creating applications to interact with our API, it's useful to know how the API will be called from within a web application.

Normally, APIs are called to retrieve data to create elements on a page, or to do things like authentication, saving to database, or delegate processing to the server.

Calling the API from JavaScript

Testing your API is essential. Without testing, you cannot be sure that your API works. Therefore, you cannot tell your users to use your API! What if it breaks?

In this video we look at Postman, a great tool to test APIs.

Using Postman for API testing

In this section we have learned about the web and using Flask to create our first web server application. Next, on to creating compliant REST APIs!

Conclusion of this section
Flask-RESTful for more efficient development
15 Lectures 01:34:40

This is one of the main sections of the course. In this section we will look at more advanced Python concepts, create a more complex application, and learn about Flask-RESTful—a key Flask extension when creating REST APIs.

Welcome to this section

A very nice piece of software that we can use with Python is the virtualenv.

This allows us to have a different Python installation for every project, which means no shared libraries and context.

This is nice because libraries evolve over time. Something that worked in Flask-RESTful a year ago may not work today, so it makes sense to keep each project separate.

Or else, if we created a project last year and today we update Flask-RESTful, things may not work as expected!

Virtualenvs and setting up Flask-RESTful

This lecture has a link to all the Python code we'll write in this section. Use it to check your code as you write it, or to refresh your memory!

Access the code for this section here

In this video we create our first Flask-RESTful app, which includes our first Resource (remember REST APIs work with resources, instead of just data?).

Preview 10:39

In this video we explore the concept of test-first API design—akin to Test Driven Development.

It's important to first understand what we want our API to do, before we start writing any code. After all, it's easy to get bogged down on technical details and forget to actually write things that we want to use!

Test-first API design—what is that?

In this video we create our Item resource, which represents the actions we can perform on a store item.

Creating our Item Resource

In this video we look at the ItemList, which represents the actions we can perform on a collection of items; and also at creating items and putting them in an in-memory database.

The ItemList and creating Items

In this video we look at refactoring the code and making it better. This is extremely important in programming. Every now and then, stop and look at what you've written. Then, make it nicer without changing what it does.

This is a sure way of making sure your code is always readable and maintainable—which means you or other people will find it easy to work with and improve later on.

Improving code and error control

Ah, a key focus of the course!

Authentication is something virtually every API needs in one way or another.

In this video we look at part 1 of authentication, which includes another Flask extension: Flask-JWT.

Authentication and logging in—part 1

Part 2 of the authentication videos. Here we complete the authentication process and test it with Postman.

Authentication and logging in—part 2

In this video we implement the DELETE HTTP verb, which is very simple with Flask-RESTful.

Now we can delete items from our in-memory database.

DELETE to delete Items

In this video we implement the PUT HTTP verb. One of the key definitions of PUT is that it has to be idempotent.

To be idempotent means that if we call the same endpoint 5 times in a row, only the first call will exert a change in the server.

We can use it to create an item, or to update an item if it already exists.

PUT to create or update Items

Very often we want to limit the data we accept in our requests. Using reqparse it becomes very easy to do this, and it's built into Flask-RESTful!

Advanced request parsing with Flask-RESTful

In this final video we look once again at our code, and making it nicer and more efficient.

Something that often works is to look at code duplication, and trying to remove duplication.

Optimising our final code and request parsing

In this conclusive video, we look at what we've learned: creating proper REST APIs using a very popular Flask extension.

Conclusion of this section
Storing resources in a SQL database
14 Lectures 01:34:35

In this introductory video we look at what we'll learn in this section. It will be very exciting: saving things to a persistent database.

Until now we have used in-memory databases, which meant that shutting down our app resulted in data loss. No more!

Welcome to this section

In this short video we look at setting up our project for this section and installing the required libraries (which, to interact with a SQLite database, happens to be none!).

Setting up our project

This lecture has a link to all the Python code we'll write in this section. Use it to check your code as you write it, or to refresh your memory!

Access the code for this section here

In this video we look at running a local SQLite database and interacting with it from our Python code.

Running a SQLite database and interacting with it from Python

In this video we look at logging our users in by using sample data stored in our database.

This entails retrieving our user's data using SQL, which we can do by using a SELECT statement.

Logging in and retrieving Users from a database

In this video we look at signing our users up to our app by writing their details to a database. This includes creating a /register endpoint to handle the incoming data.

Signing up and writing Users to a database

In this video we take a quick look at preventing duplicate usernames—a good example of things you have to think about when doing API design.

Preventing duplicate usernames when signing users up

In this video we look at retrieving items from a database. Similar to getting our users to log in, but this time accessing our items table.

Retrieving our Item resources from a database

Naturally, retrieving items only is not enough!

In this video we look at creating items and writing them to the database, which means that our API is now usable by other applications if they want to store and retrieve data from our database.

Writing our Item resources to a database

In this video we look at implementing item deletion, which involves deleting the appropriate row from the table.

Warning: it's easy to delete all data from the table, so be careful!

Deleting our Item resources from the database

In this video we look at refactoring (improving) the code so that the insertion of items is not coupled to the endpoint responsible for inserting.

This will be essential for when the PUT method is implemented.

Refactoring insertion of items

In this video we look at implementing the PUT HTTP verb, and this entails either creating or updating an existing item.

The PUT method with database interaction

In this video, we retrieve a list of items from the database and also perform final Postman testing.

Everything works!

Retrieving many items from the database

In this conclusive video we recap what we have learned: all about saving to a local SQLite database using Python.

Conclusion of this section
Simplifying storage with Flask-SQLAlchemy
16 Lectures 02:04:27

In this section, we will look at what an ORM (Object-Relational Mapping) is, and how it can simplify the process of interacting with a database.

Welcome to this section!

This lecture has a link to all the Python code we'll write in this section. Use it to check your code as you write it, or to refresh your memory!

Access the code for this section here

In this lecture we look at installing all the requirements and getting set up.

Setting up this section's project

In this lecture we start discussing Python packages, and how we can create them. We then move some files around to make the project more maintainable by logically grouping our files and classes.

Improving the project structure and maintainability

In this video we create User and Item models. We discuss the difference between a model and a resource, as this is essential in order to design our programs well.

Creating User and Item models

In this video we quickly test using Postman that our refactoring has not broken the API! This is extremely important, as it is easy to forget to test and then end up with a bunch of untested changes.

If something breaks, you won't know where to start fixing it!

Verifying the app works after our changes

In this video we look at advanced Postman usage: tests and environments.

This is extremely useful as it quickly lets us re-use existing text with environment variables.

Tests allow us to quick gauge whether an endpoint call has been successful or not. For example, if it took too long, returned an incorrect error code, didn't return the appropriate values, etc...

Advanced Postman: environments and tests

In this video we tell SQLAlchemy about our tables and columns, which includes defining the data types and primary key.

Telling SQLAlchemy about our tables and columns

In this video we greatly simplify the ItemModel by using methods that SQLAlchemy gives us. We also look into the query builder, which is a key part of SQLAlchemy, and that allows us to easily build SQL queries just by using Python code.

Implementing the ItemModel using SQLAlchemy

In this video we implement the UserModel, which also simplifies it greatly.

Implementing the UserModel using SQLAlchemy

In this video we massively simplify the ItemList resource by virtue of using SQLAlchemy.

Instead of a massive code spew, we can reduce our ItemList to a single line of concise and readable code.

Easily displaying the ItemList resource with SQLAlchemy

In this video we look at the before_first_request decorator, which Flask has.

It allows us to run a method before the first request to the API is processed.

In this video, we create the tables before the first request so that we no longer need to create them manually.

No more creating tables manually—telling SQLAlchemy to create tables

In this video we demonstrate how quick and easy it can be to create new models for our API to use. Here we create a StoreModel, which also includes a relationship to the ItemModel.

Modelling relationships with SQLAlchemy is also surprisingly concise.

Creating a new model: StoreModel

In this video we create the Store and StoreList resources, which is quick since they are similar to the Item and ItemList resources.

Creating the Store Resource

In this video we finalise testing our API using Postman, to make sure that all changes work appropriately.

I encourage you to test your API continuously, so you never write code that you don't know if it works or not.

Final testing of this section's API

In this section we learned about Flask-SQLAlchemy, and we expanded on our API to make it larger and more complex.

There are many more things a REST API can do—and we will look at them in due course!

Conclusion of this section
Git—version control
8 Lectures 33:55

In this introductory section, we look at what we will learn: how to place our applications in Git for others to see and collaborate.

Although not an extensive Git tutorial, it is enough to get you up and running, and putting your code up there for others to see!

In addition, it will be essential to have the code up in the cloud when time comes to deploy it!

Welcome to this section

In this video we look at installing Git.

Installing Git on Mac and Windows

In this illuminating video, we look at what a Git repository really is (hint: a few hidden files and folders).

What is a Git repository?

In this part 1, we look at how the first few interactions with our local Git repository might go. It includes initialising the repository and adding files to the staging area.

The Git workflow—part 1

In this second part of the Git workflow, we look at committing our code and pushing it to a remote repository, hosted on GitHub.

The Git workflow—part 2, including GitHub

In this video we look at using SSH keys for security, and how we can set up GitHub with our SSH key.

Using SSH keys for security

In this video we look at what a README file is, and why you want one in your repository. It is particularly important for others wanting to use or contribute to your project.

The README file

In this conclusive video, we look at what we've learned: a simple way to work with Git to get our code to the cloud, for others to collaborate and see the code we've created.

In addition, it will be essential to have the code in the cloud when time comes to deploy it!

Conclusion of this section
Deploying Flask apps to Heroku
11 Lectures 01:00:20
Welcome to this section

This lecture contains a link to the Python code we'll write and use in this section. Use it to check for mistakes as you write your code, or to refresh your memory!

Access the code for this section here

What is Heroku?

Getting our code into GitHub

Setting up Heroku for Flask

Adding the required files to the project

Logs in Heroku and troubleshooting errors

Testing the deployed API with Postman

Adding PostgreSQL to our Heroku app

Working with Git and automatic deploys

Conclusion of this section
Deploying Flask apps to our own server
9 Lectures 01:29:01

In this section we will look into deploying our Flask app to our own server, provisioned with DigitalOcean. This is a cheap and efficient way of hosting your applications, and enables more performance than hosting with Heroku (for a fraction of the price).

Welcome to this section

In this lecture we look into setting up the DigitalOcean account and server. As per the video, to receive your two free months of a DigitalOcean server, you can use this link:

Setting up a DigitalOcean server

In this lecture we look at installing PostgreSQL in Ubuntu 16.04.

Installing PostgreSQL is not difficult due to Ubuntu's package manager: apt.

Using apt-get, we can easily install PostgreSQL and have it running immediately!

Installing PostgreSQL in Ubuntu 16.04

In this lecture we create a new UNIX user in our Ubuntu server, and give it a password.

Creating a UNIX user in Ubuntu 16.04

In this lecture we set up our new user with a PostgreSQL database, and give it appropriate permissions (including permissions to use a password with the md5 format).

Setting up our new user with PostgreSQL permissions

In this lecture we install nginx and set up the connection from nginx to the uWSGI process.

Setting up nginx and our REST API

In this lecture we install uWSGI and set it up to run our REST API. This is the last step in the deployment!

Setting up uWSGI to run our REST API

In this lecture we verify our API works with the new deployment, and talk about next steps—such as using Varnish to improve performance.

Testing our API to make sure everything works

In this section we have looked at deploying our application to an Ubuntu server provisioned with DigitalOcean.

Notice that this deployment will be valid for any Ubuntu 16.04 server—it does not have to come from DigitalOcean.

Conclusion of this section
Security in your REST APIs
11 Lectures 44:28

This lecture quickly introduces security in REST APIs and what we'll be looking at in this section.

Welcome to this section

This lecture contains an e-book, which you can access to learn about enabling SSL (HTTPS) in REST APIs.

Security in REST APIs e-book

This lecture covers finding and purchasing our domain name.

Getting our domain name

This lecture covers setting up Cloudflare and its various options.

Setting up Cloudflare

This lecture is all about understanding what the Domain Name System is and how it works. Interesting stuff!

What is DNS?

In this lecture we set our DNS records so that our server is accessible through our domain name. We also look into a few different types of DNS records.

Setting our DNS records

Before continuing with SSL, make sure your domain name is working and you can connect to the API!

Verifying everything works—this is important!

In this lecture we create the SSL certificate. Cloudflare can provide us with a valid certificate, which is very handy.

Creating our SSL certificate in Cloudflare

In this lecture we configure our nginx installation to use the SSL certificate. It's just a matter of copying over the certificate and key, and changing some nginx config!

Configuring nginx for SSL

Verify your knowledge of domains and security in this quiz.

Security in REST APIs
5 questions

Extra technical SSL resources

In this section we have looked at security in REST APIs in the form of SSL encryption of traffic between our clients and servers.

This means it's nearly impossible to snoop on the traffic and extract things like emails and passwords that are being sent via HTTPS requests.

Conclusion of this section
About the Instructor
Jose Salvatierra
4.5 Average rating
3,347 Reviews
23,241 Students
6 Courses
Founder of School of Code and Computer Science instructor

I've been teaching computer science and playing and teaching music (grades 1 to 8) for over four years, to students of all ages and all skill levels. Here's my story so far.

I started programming at the age of 10, just a couple years after I started studying music, when my dad, excited that I had showed interest in similar things to himself, taught me the basics of Marin Saric's METAL. Shortly thereafter we moved on to RealBASIC, and from there I started learning, after a couple years, Java and C.

Ever since I started learning programming I knew I wanted to study Computer Science or something along those lines. Half a decade ago I ended up at the University of Dundee, studying Applied Computing.

The University of Dundee is one of the most prestigious for computing-related courses, and I was offered the chance to participate in their computing scholarships due to academic achievement.

I have worked for "Eseye", an M2M company, as an intern doing mainly backend developing, writing PHP scripts and programming Zenoss ZenPacks, and currently work for Skyscanner, one of Scotland's largest technology companies, programming mainly in Python and web languages.

At the moment I enjoy programming in Python, Java and C, playing and recording music, usually as an accompanying pianist for singers, and sports and bodybuilding. I hope that my courses are interesting to you, enjoyable and that you learn from them!